mattg31
Posts: 42
Joined: Fri Jan 05, 2018 9:55 pm

How secure is sudo with a password?

Thu Jun 14, 2018 10:23 am

I have some python code running a GUI and some peripherals, and I would like to protect the code from human eyes, as it has sensitive information like email address passwords etc.

There may be (most likely is) a better way of doing this, but I would like to protect my python code by locking out the permissions to read/write, and by enabling a password on sudo.

After doing this, when I try and open the file containing my python code using sudo, it prompts me for a password.

My question is: How secure is this method of security to ensure people can't view or copy this file onto another device?

I have read about SSL encryption, however this doesn't seem like a good fit for my project, as the code I am protecting will be running a GUI when the raspberry pi is turned on, so I would need to decrypt at startup , and from what I can gather this would negate the purpose of encrypting the file in the first place.

User avatar
DougieLawson
Posts: 32668
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: How secure is sudo with a password?

Thu Jun 14, 2018 10:32 am

Nothing on your Raspberry is secure. I can pull your SDCard and read it on my Raspberry without any security.

sudo with a password is better than sudo (as set-up by default in Raspbian), but the security is only as strong as the password.

If you don't set

Code: Select all

Defaults        rootpw
then anyone who knows the password for the pi user can run with root privileges (and all bets are off).

Although, if you do set

Code: Select all

Defaults        rootpw
then you MUST set a strong password for root. That password MUST be different to the password for pi.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

ghans
Posts: 7714
Joined: Mon Dec 12, 2011 8:30 pm
Location: Germany

Re: How secure is sudo with a password?

Thu Jun 14, 2018 10:42 am

Both the Linux kernel and GNOME offer a keyring facility. It might or might not be an improvement over plaintext files which only the owner can read (note that the SSH private key is secured exactly in this way).

ghans
• Don't like the board ? Missing features ? Change to the prosilver theme ! You can find it in your settings.
• Don't like to search the forum BEFORE posting 'cos it's useless ? Try googling : yoursearchtermshere site:raspberrypi.org

User avatar
topguy
Posts: 4406
Joined: Tue Oct 09, 2012 11:46 am
Location: Trondheim, Norway

Re: How secure is sudo with a password?

Thu Jun 14, 2018 11:45 am

You cant really protect your code in any meaningful way. So my suggestion is to take the sensitive information out of the code and keep it somewhere else (database, encrypted file etc.) that can be protected.

mattg31
Posts: 42
Joined: Fri Jan 05, 2018 9:55 pm

Re: How secure is sudo with a password?

Thu Jun 14, 2018 1:25 pm

Thanks for the replies and info guys! Much appreciated. I think a password locked database makes sense as I am already using an SQLite database.
Nothing on your Raspberry is secure. I can pull your SDCard and read it on my Raspberry without any security.
@dougieLawson, Just for clarification on my end: I understand nothing is 100% secure, however are you saying that if a file has read/write permissions for sudo user only, and I enable password for sudo (and change it to a very robust password), someone could take the SD card out of my raspberry pi and plug it into theirs, and essentially bypass the permissions/password?

Thanks again

tpyo kingg
Posts: 81
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: How secure is sudo with a password?

Thu Jun 14, 2018 1:37 pm

You can set sudo to allow only the script to be run. The following allows anyone in the group "mattg" to run "somescript.py" from the designated directory, and prohibits passing options to the script:

Code: Select all

%mattg ALL=(root:root) NOPASSWD:/usr/local/bin/somescript.py ""
There's a lot that can be done with sudo, and the system defaults are upsettingly deficient and inappropriate in that regard. Michael W Lucas has a useful book on configuring sudoers correctly. It's called sudo Mastery and well worth reading.

The manual pages help ("man sudoers") but a guide like Lucas' book really helps. He's got a good but very long presentation online on Youtube under the title "Sudo: You're Doing It Wrong"

B.Goode
Posts: 5803
Joined: Mon Sep 01, 2014 4:03 pm
Location: UK

Re: How secure is sudo with a password?

Thu Jun 14, 2018 1:39 pm

are you saying that if a file has read/write permissions for sudo user only, and I enable password for sudo (and change it to a very robust password), someone could take the SD card out of my raspberry pi and plug it into theirs, and essentially bypass the permissions/password?
No doubt @Dougie will respond next time he is online, but the answer is Yes, the situation is as you summarise.

By the same token: suppose you have a machine running Microsoft Windows, with individual password-protected accounts. If I can boot up that machine using a Linux 'live CD' (like this one https://www.raspberrypi.org/downloads/r ... i-desktop/) then I can read any files stored in those passworded account folders.

The protections and permissions of the filesystem are only enforced by a running Operating System that implements and honours those mechanisms - if they are handed over as a collection of files to some other Operating System there is no longer any such protection.

User avatar
DougieLawson
Posts: 32668
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: How secure is sudo with a password?

Thu Jun 14, 2018 4:34 pm

Taking an SDCard out of a Raspberry is like pulling the hard disk from your laptop. Unless the filesystem is encrypted then it's all freely readable.

The problem with encrypted filesystems is there's nowhere secure to store the key (laptops can store keys in BIOS storage). They're also a monster pain as an encrypted filesytem needs human interaction at boot time, so they're no good for a headless system.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

mattg31
Posts: 42
Joined: Fri Jan 05, 2018 9:55 pm

Re: How secure is sudo with a password?

Fri Jun 15, 2018 12:51 am

Thanks again for the info and help here. I will check out the book/video as you suggested @typo kingg!

So, it sounds like the best bet is as suggested above:
I should figure out a way to password protect my SQLite database so that even in the event someone jacks the SD, they will have a difficult time extracting the sensitive data?

Return to “Raspbian”

Who is online

Users browsing this forum: davethomas1359 and 27 guests